Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138302e302f32342d3234203d3e20313336373837.roa
File: 38332e3133362e3138302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Dqj/HQbXmSgBLjS/t9FnBopwJ4Rp0Rw6o7GsndDaPeY=
Subject key identifier: F6:E5:16:47:24:B8:E4:DB:F7:27:11:A4:2E:AC:5F:48:7B:39:EE:E4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 53B89BF70B1C4D2751A95FF4A309002C60E45DCD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:42:00 +0000
ROA not before: Fri 20 Oct 2023 13:37:00 +0000
ROA not after: Fri 18 Oct 2024 13:42:00 +0000
asID: 136787
IP address blocks: 83.136.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:b8:9b:f7:0b:1c:4d:27:51:a9:5f:f4:a3:09:00:2c:60:e4:5d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:37:00 2023 GMT
Not After : Oct 18 13:42:00 2024 GMT
Subject: CN=F6E5164724B8E4DBF72711A42EAC5F487B39EEE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e6:40:01:ef:c2:ad:bb:74:0e:8d:e0:29:4d:
84:d3:78:ea:c3:7b:49:14:b9:b7:00:eb:b0:5d:b2:
e1:34:91:5d:d9:cd:df:0f:ac:30:95:1e:65:38:db:
30:91:d3:f8:a0:1c:9d:52:07:3a:dd:d4:6c:52:cb:
2d:7a:71:6e:c5:c9:27:7e:79:b3:00:0f:32:0e:be:
c8:7a:30:30:ae:bc:1e:88:ba:5c:fb:0c:cf:2a:6c:
c7:58:da:37:a5:75:b1:d4:01:b0:36:f3:5b:5a:62:
8e:80:d9:a2:bc:f2:52:76:da:c6:7b:b8:37:36:b7:
77:66:20:94:33:02:96:0e:30:73:a1:09:c3:fb:65:
d4:76:6e:bb:ce:81:ca:ea:74:c0:5b:4e:77:a9:eb:
fe:ec:97:48:5e:1f:3d:86:78:42:47:86:e3:f5:aa:
9c:f9:b0:b5:7f:54:11:06:09:26:fc:fb:03:55:28:
99:6b:f1:75:cc:5a:fa:c0:f2:f2:97:b4:85:86:97:
23:9a:b0:ef:3c:d0:18:ba:b8:96:61:69:6f:ea:9a:
0a:6d:70:75:3f:cd:67:96:8a:a2:2b:26:15:dd:39:
31:f3:89:05:c8:c0:10:b1:23:7d:f4:0a:41:96:0f:
96:bc:13:09:1d:3f:b9:3b:d7:f6:ac:53:93:67:f9:
25:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E5:16:47:24:B8:E4:DB:F7:27:11:A4:2E:AC:5F:48:7B:39:EE:E4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.180.0/24
Signature Algorithm: sha256WithRSAEncryption
95:3c:34:cc:49:89:7c:6d:98:bb:37:7c:af:51:32:be:6f:94:
67:a0:e1:5b:32:8f:13:1f:b8:30:4d:ba:bd:d7:fc:75:1a:02:
a8:61:8c:88:d9:d0:16:e2:7b:a5:ca:b5:9c:5e:8a:e8:76:75:
ad:0c:3c:87:3c:cc:38:d9:67:9d:a4:b8:a7:28:d3:6a:89:5b:
9f:6a:4c:e8:a2:1a:aa:5a:67:f5:99:a7:9e:41:ef:8d:1a:80:
66:2a:50:16:7f:21:16:78:64:5f:d4:d3:22:78:33:68:ef:78:
f2:c6:e6:f8:5d:74:0f:3e:d7:b4:50:97:9f:05:8d:a6:c9:b6:
a2:1f:bc:de:22:07:29:27:40:bd:d4:1f:79:d2:e8:e8:69:f0:
f1:07:6d:2a:d0:c3:34:e3:f4:3d:9f:8a:1b:3c:a4:1e:f0:1e:
82:42:e5:a5:5a:30:1b:a1:b9:2c:3d:5d:08:7f:ff:07:33:4d:
6b:54:23:74:fe:86:d8:8e:12:d5:9f:f2:38:87:50:2d:0d:9d:
03:48:38:ea:0e:7b:04:fc:6a:14:8f:49:08:94:28:a7:77:d1:
3e:7e:cc:f8:d7:75:32:1a:d3:c0:1b:ba:0d:ab:61:68:4a:ba:
fc:10:57:93:39:c6:50:5c:b2:dd:90:d1:5e:04:93:93:09:ed:
d8:23:aa:9b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUU7ib9wscTSdRqV/0owkALGDkXc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM3MDBaFw0yNDEwMTgxMzQyMDBaMDMxMTAvBgNV
BAMTKEY2RTUxNjQ3MjRCOEU0REJGNzI3MTFBNDJFQUM1RjQ4N0IzOUVFRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5kAB78Ktu3QOjeApTYTTeOrD
e0kUubcA67BdsuE0kV3Zzd8PrDCVHmU42zCR0/igHJ1SBzrd1GxSyy16cW7FySd+
ebMADzIOvsh6MDCuvB6Iulz7DM8qbMdY2jeldbHUAbA281taYo6A2aK88lJ22sZ7
uDc2t3dmIJQzApYOMHOhCcP7ZdR2brvOgcrqdMBbTnep6/7sl0heHz2GeEJHhuP1
qpz5sLV/VBEGCSb8+wNVKJlr8XXMWvrA8vKXtIWGlyOasO880Bi6uJZhaW/qmgpt
cHU/zWeWiqIrJhXdOTHziQXIwBCxI330CkGWD5a8EwkdP7k71/asU5Nn+SVtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9uUWRyS45Nv3JxGkLqxfSHs57uQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMzJlMzEzMzM2MmUzMTM4
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTiLQwDQYJKoZIhvcNAQELBQADggEBAJU8NMxJiXxtmLs3fK9RMr5vlGeg4Vsy
jxMfuDBNur3X/HUaAqhhjIjZ0Bbie6XKtZxeiuh2da0MPIc8zDjZZ52kuKco02qJ
W59qTOiiGqpaZ/WZp55B740agGYqUBZ/IRZ4ZF/U0yJ4M2jvePLG5vhddA8+17RQ
l58FjabJtqIfvN4iByknQL3UH3nS6Ohp8PEHbSrQwzTj9D2fihs8pB7wHoJC5aVa
MBuhuSw9XQh//wczTWtUI3T+htiOEtWf8jiHUC0NnQNIOOoOewT8ahSPSQiUKKd3
0T5+zPjXdTIa08Abug2rYWhKuvwQV5M5xlBcst2Q0V4Ek5MJ7dgjqps=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:26 2024 by rpki-client on console-fra.rpki-client.org